[Swan] Enabling ipsec disables normal ping functionality in openswan

Paul Wouters paul at nohats.ca
Thu May 2 18:27:07 UTC 2019

On Thu, 2 May 2019, Madhan Raj wrote:

> we have upgraded our linux  machine from Red Hat Enterprise Linux Server release 6.2 (Santiago)(openswan-2.6.32-27.4.el6_5.x86_64)  to  6.6 (Santiago) (openswan-2.6.32-37.el6.x86_64).
> I have an ipsec policies   configured between 2 different servers and ipsec  status showed me that it is loaded and working fine.
> As soon as we  upgrade the servers to 6.6 ipsec  policies are loaded sucessfully in ipsec status command but somehow normal network pings are failing with below error :- 
> ping: sendmsg: Operation not permitted

That looks like a firewall rule or possibly selinux policy preventing a

Just confirm with "ipsec trafficstatus" that your tunnel is up?


More information about the Swan mailing list